It was the day before KubeCon Seattle 2018 and we were all sitting in a huge conference hall spanning three rooms. There was barely room to move and then a series of lightning talks began including one from a friend of mine named Marko Mudnić. Marko is a young engineer and student from Belgrade who has made a name for himself through his contributions to the container, Kubernetes and serverless community.
Marko was introducing a new tool to us called "KinD" and said "kind" like "be kind to yourself". With
kind you can provision a Kubernetes cluster in under a minute on any machine which supports Docker.
I had a very quick go with
kind during the talk, but in this post we'll explore the tool in context and compare it to other options available for local Kubernetes development.
Pretty cool to get a K8s v1.12.2 cluster going on my Intel NUC in a few moments using KinD. pic.twitter.com/LboaCwhvGz— Alex Ellis @KubeCon (@alexellisuk) December 11, 2018
Running Kubernetes locally
The name for
kind comes from the underpinning tool
dind or Docker in Docker. So
kind actually means Kubernetes in Docker. Now I wrote about the various options for running Kubernetes in development early last year which are still valid today.
Let's do a quick recap. You can find the full article here: First impressions: Docker for Mac with Kubernetes
The oldest, most flexible method to run K8s is to create a Linux VM and then to run that locally and to install the Kubernetes packages into it. It's time-consuming and the UX is not great.
As a variation of the "VMs" option you have Minikube which is an automated VM creation based upon "Docker Toolbox". On a Mac it's likely to use VirtualBox and can be picky about versions. It uses a lot of battery, is slow to start and has a separate Docker library to any other versions you have installed. I've had reasonably good reliability, but others complain much.
Docker for Mac
In the last year Docker for Mac gained an option to switch into a Kubernetes mode which create a fully-compliant single-node Kubernetes cluster. The user-experience is much improved, but it takes a long time to install the first time and eats battery like there is no tomorrow. I'm sure the Docker team are on this, but if you don't believe me checkout here and here. DfM does have the ability to leverage your local Docker library which is a good step forward.
Remote cluster in cloud
One of the options I don't remember covering, but which is becoming ever-more popular for myself is the "remote cluster in cloud" option. When I want to work from my laptop without sacrificing its battery then I'll set up a 1-node GKE cluster or a cluster with DigitalOcean and then set a
KUBECONFIG environmental variable.
See also: read my first look at DigitalOcean's Kubernetes Engine.
Your local images are not shared or available within the cluster, but you can push them remote and if you have a good Internet connection and build small images this can work well. If cloud K8s runs too expensive for you then a local machine on your LAN such as an Intel NUC or an old Xeon server works well.
Let's get to
kind. This tool can provision a cluster in under a minute and is aimed at doing CI / integration tests as part of your build pipeline. It can however be useful to get Kubernetes quickly to validate something such as a helm chart. The CLI is great, but accessing the clusters which have been created involves copying Kubernetes config files around and using exposed ports on the local machine. As for battery I'm not sure if this is improved or not.
Let's try it out with OpenFaaS using the development YAML files (instead of the helm chart which requires the
Head over to https://github.com/kubernetes-sigs/kind and follow the installation instructions. You'll need
go available locally.
- Create a cluster
$ kind create cluster --name blog Creating cluster 'kind-blog' ... ✓ Ensuring node image (kindest/node:v1.12.2) 🖼 ✓ [kind-blog-control-plane] Creating node container 📦 ✓ [kind-blog-control-plane] Fixing mounts 🗻 ✓ [kind-blog-control-plane] Starting systemd 🖥 ✓ [kind-blog-control-plane] Waiting for docker to be ready 🐋 ✓ [kind-blog-control-plane] Starting Kubernetes (this may take a minute) ☸ Cluster creation complete. You can now use the cluster with: export KUBECONFIG="$(kind get kubeconfig-path --name="blog")" kubectl cluster-info
- Switch context
This is really important. Don't run any commands with
kubectl unless you are pointing at the new cluster. This counts for opening a second Terminal window, too. You may risk overwriting or deleting resources if you're pointing at another cluster already.
export KUBECONFIG="$(kind get kubeconfig-path --name="blog")"
- Clone the GitHub repo for OpenFaaS
git clone https://github.com/openfaas/faas-netes cd faas-netes kubectl apply -f namespaces.yml # generate a random password PASSWORD=$(head -c 12 /dev/urandom | shasum| cut -d' ' -f1) kubectl -n openfaas create secret generic basic-auth \ --from-literal=basic-auth-user=admin \ --from-literal=basic-auth-password="$PASSWORD" kubectl apply -f ./yaml
- Save your password
- Wait for OpenFaaS to come up
$ kubectl get deploy -n openfaas -w # Hit control-c when you see 1/1 or 2/2 on everything.
- Access the OpenFaaS gateway
The easiest way to access the gateway or any other service is to use
kubectl port-forward on a amchine which has the Kubernetes YAML. If that machine is remote then you can do some SSH tunneling or similar.
$ kubectl port-forward -n openfaas svc/gateway 8088:8080 &  3348 Forwarding from 127.0.0.1:8088 -> 8080 Forwarding from [::1]:8088 -> 8080
Now let's try a function that can check when an SSL cert expires:
$ faas-cli store deploy certinfo -g http://127.0.0.1:8088 Deployed. 202 Accepted. URL: http://127.0.0.1:8088/function/certinfo curl -d www.openfaas.com http://127.0.0.1:8088/function/certinfo Handling connection for 8088 Host 188.8.131.52 Port 443 Issuer Let's Encrypt Authority X3 CommonName www.openfaas.com NotBefore 2018-11-21 12:49:36 +0000 UTC NotAfter 2019-02-19 12:49:36 +0000 UTC SANs [www.openfaas.com] TimeRemaining 2 months from now $ faas-cli list -v -g http://127.0.0.1:8088 Function Invocations Replicas certinfo 3 1
- Clean up
You can now delete the cluster with
There are a number of ways to run Kubernetes for development and I think
kind represents a promising alternative for automation, testing and potentially as a good replacement for a local development environment.
For more on Kubernetes:
- Learn how Serverless Kubernetes works with OpenFaaS Introducing the OpenFaaS Operator
- My detailed article on Kubernetes options for development: https://blog.alexellis.io/docker-for-mac-with-kubernetes/
- Build a multi-node cluster with KVM and VMs on Linux: Get started with KVM & Kubernetes